Last I heard, someone was working on a module that would deal with multiple login attempts for a single ip. The module wouldn't block the account from logging in, but that ip. On my campus, we see attacks where a robot will try multiple usernames and passwords and I want to be able to block that ip automagically when this happens. -- DK